At Codeship, we’re pleased to be able to integrate with several third-party products across a variety of areas to ensure your CI/CD workflows are that much smoother. For example, Snyk is an automated solution that checks for security vulnerabilities in your dependencies and ensures your dependencies are up to date.

Starting with Snyk and Codeship is fast and easy. The Snyk documentation does a great job of providing more information, in addition to our setup instructions below.

CLI configuration

To add the Snyk CLI, you will need to add the following command to the Dockerfile for the service you want to run Snyk on:

RUN npm install -g snyk

Note that this requires the Dockerfile to also have Node and NPM available, in order to use the Snyk CLI.

Running a scan

Once your Snyk token is loaded via your environment variables and you have defined a service that installs the Snyk CLI, you can run a Snyk scan during your CI/CD pipeline. Simply pass the Snyk CLI commands via the service you have it installed in.

We will combine the Snyk authentication and Snyk scan commands into a script file that we call from a step:

- name: Snyk
  service: app
  command: snyk.sh

Inside this snyk.sh script, you will have something similar to:

snyk auth
snyk test

Note that the above snyk auth command will use the SNYK_TOKEN environment variable you set earlier for authentication.
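
A more defensive version of the snyk.sh script above, as an added example (not Codeship's or Snyk's own script): it stops before scanning when SNYK_TOKEN is missing and passes the snyk test exit status through so the step fails on findings. The function name run_snyk_scan is hypothetical, the exit-status meanings in the comments are those documented for the Snyk CLI, and the scan only starts when the file is saved and called as snyk.sh.

```shell
#!/bin/sh
# snyk.sh (added example). run_snyk_scan is a hypothetical helper name.
# Shell tracing (set -x) is deliberately left off so the token is never
# echoed into the build log.

run_snyk_scan() {
    # Fail fast when the token is missing, so the step cannot pass or hang
    # without an authenticated scan having run.
    if [ -z "${SNYK_TOKEN:-}" ]; then
        echo "snyk.sh: SNYK_TOKEN is not set, refusing to run the scan" >&2
        return 2
    fi

    # The CLI comes from 'RUN npm install -g snyk' in the service's Dockerfile.
    if ! command -v snyk >/dev/null 2>&1; then
        echo "snyk.sh: snyk CLI not found in this service image" >&2
        return 2
    fi

    # Same two commands as the script on this page.
    if ! snyk auth; then
        echo "snyk.sh: snyk auth failed" >&2
        return 2
    fi

    scan_rc=0
    snyk test "$@" || scan_rc=$?

    # Snyk CLI exit status: 0 = no vulnerabilities found,
    # 1 = vulnerabilities found, anything else = the scan did not complete.
    case "$scan_rc" in
        0) echo "snyk.sh: no known vulnerabilities found" ;;
        1) echo "snyk.sh: vulnerabilities found, failing the step" >&2 ;;
        *) echo "snyk.sh: scan did not complete (exit $scan_rc)" >&2 ;;
    esac
    return "$scan_rc"
}

# Start the scan only when this file is invoked as snyk.sh, which is how
# the Codeship step above calls it.
case "${0##*/}" in
    snyk.sh) run_snyk_scan "$@"; exit $? ;;
esac
```

Any non-zero status returned here fails the Codeship step, so a missing token is reported as a broken build rather than as a clean scan.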

Codeship Basic

Let’s move on to integrating Snyk with Codeship Basic. To begin, you need to add your SNYK_TOKEN to your project’s environment variables.

You can do this by navigating to Project Settings and then clicking on the Environment tab.
